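# NixOS VM test for the Molly Brown Gemini server: boots one node running
# services.molly-brown with a freshly generated self-signed certificate and
# checks that a document written into the doc base can be fetched over
# Gemini (TLS on TCP port 1965).
import ./make-test-python.nix (
  { pkgs, ... }:

  let
    # Content of the served test document; the client asserts that the
    # response body matches it.
    testString = "NixOS Gemini test successful";
  in
  {

    name = "molly-brown";
    meta = with pkgs.lib.maintainers; {
      maintainers = [ ehmry ];
    };

    nodes = {

      geminiServer =
        { config, pkgs, ... }:
        let
          inherit (config.networking) hostName;
          cfg = config.services.molly-brown;
        in
        {

          # Minimal Gemini client used by testScript. It exits non-zero when
          # the server does not answer with a success status and the expected
          # document, so the test cannot pass on an error response.
          environment.systemPackages = [
            (pkgs.writeScriptBin "test-gemini" ''
              #!${pkgs.python3}/bin/python

              import socket
              import ssl
              import sys
              import urllib.parse

              # Must name the file that the molly-brown preStart script creates.
              url = "gemini://geminiServer/test.gmi"
              expected = "${testString}"
              parsed_url = urllib.parse.urlparse(url)

              # Certificate and hostname verification are switched off because
              # the server certificate is self-signed and generated at service
              # start, inside this test VM only. This is a test-only shortcut:
              # a real client has to verify or pin the server certificate,
              # otherwise the connection is open to interception.
              # check_hostname has to be cleared before verify_mode is relaxed.
              context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
              context.check_hostname = False
              context.verify_mode = ssl.CERT_NONE

              s = socket.create_connection((parsed_url.netloc, 1965), timeout=30)
              s = context.wrap_socket(s, server_hostname=parsed_url.netloc)
              # A Gemini request is the absolute URL followed by CRLF.
              s.sendall((url + "\r\n").encode("UTF-8"))
              fp = s.makefile("rb")
              header = fp.readline().decode("UTF-8").strip()
              body = fp.readline().decode("UTF-8").strip()
              print(header)
              print(body)

              # Status codes 2x mean success; anything else fails the test.
              if not header.startswith("20"):
                  sys.exit("unexpected Gemini response header: " + header)
              if body != expected:
                  sys.exit("unexpected Gemini response body: " + body)
            '')
          ];

          # Only the Gemini port of the service is opened.
          networking.firewall.allowedTCPPorts = [ cfg.settings.Port ];

          # NOTE(review): key, certificate and documents live under /tmp, which
          # is fine for a throwaway test VM. A real deployment should keep the
          # private key in a directory that only the service user can read.
          services.molly-brown = {
            enable = true;
            docBase = "/tmp/docs";
            certPath = "/tmp/cert.pem";
            keyPath = "/tmp/key.pem";
          };

          systemd.services.molly-brown.preStart = ''
            # Throwaway RSA key (OpenSSL default size) and a self-signed
            # certificate whose CN is the node's host name.
            ${pkgs.openssl}/bin/openssl genrsa -out "/tmp/key.pem"
            ${pkgs.openssl}/bin/openssl req -new \
              -subj "/CN=${hostName}" \
              -key "/tmp/key.pem" -out /tmp/request.pem
            ${pkgs.openssl}/bin/openssl x509 -req -days 3650 \
              -in /tmp/request.pem -signkey "/tmp/key.pem" -out "/tmp/cert.pem"

            # Document fetched by test-gemini.
            mkdir -p "${cfg.settings.DocBase}"
            echo "${testString}" > "${cfg.settings.DocBase}/test.gmi"
          '';
        };
    };

    # Wait for the service and its port, then run the client; succeed() fails
    # the test when test-gemini exits non-zero.
    testScript = ''
      geminiServer.wait_for_unit("molly-brown")
      geminiServer.wait_for_open_port(1965)
      geminiServer.succeed("test-gemini")
    '';

  }
)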